At the beginning of 2014, Mt Gox, a bitcoin exchange based in Japan, was the largest bitcoin exchange 
in the world, handling over 70% of all bitcoin transactions worldwide. By the end of February of that year, 
it was bankrupt. 

The victim of a massive hack, Mt. Gox lost about 740,000 bitcoins (6% of all bitcoin in existence at the 
time), valued at the equivalent of €460 million at the time and over $3 billion at October 2017 prices. An 
additional $27 million was missing from the company's bank accounts. Although 200,000 bitcoins were 
eventually recovered, the remaining 650,000 have never been recovered. 

This post will discuss the rise and fall of Mt. Gox, the aftermath of the hack and the resulting (and 
ongoing) investigation and will consider whether it could happen again. 

The Rise of the Mt Gox Exchange 




Launched in 2010 by US programmer Jed McCaleb (who later went on to found Ripple), Mt Gox 
expanded rapidly to become by far the most popular bitcoin exchange in the world after being 
purchased by French developer and bitcoin enthusiast Mark Karpeles in March 2011. Rather bizarrely, 
the name Mt Gox stood for "Magic: The Gathering Online exchange". 

In June 2011 the Mt. Gox exchange was hacked, most likely as a result of a compromised computer 
belonging to an auditor of the company. On that occasion, the hacker used their access to the exchange 
to artificially alter the nominal value of bitcoin to one cent and then transfer an estimated 2,000 bitcoins 
from customer accounts on the exchange, which were then sold. In addition, an estimated 650 bitcoins 
were purchased from the exchange at the artificially low price by Mt. Gox customers, none of which 
were ever returned. As a result of this hack Mt. Gox took a number of security measures, including 
arranging for a substantial amount of its bitcoin to be taken offline and held in cold storage. 

In spite of the June 2011 hack, by 2013 Mt. Gox had established itself as the largest bitcoin exchange in 
the world, in part as a result of increased interest in bitcoin as the price of the coins increased rapidly 
(jumping from $13 in January 2013 to a peak of more than $1,200). 


However, behind the scenes all was not well. 

The Struggles behind the scenes 


Although Mt. Gox had quickly expanded to become the largest bitcoin exchange in the world by 2013, 
behind the scenes it was struggling. Since its collapse, a number of Mt. Gox employees have spoken 
about how Mt. Gox was operating, with a picture being painted of a disorganized and discordant 
organization, with poor security procedures, serious issues relating to the source code of the website 
and a number of serious issues arising in relation to the operation of the business. 

In May 2013, a former business partner of Mt. Gox called Coinlab sued the company for $75 million, 
claiming breach of contract. The two companies had signed an agreement under which Coinlab would 
take over Mt. Gox's American customers but, according to Coinlab's lawsuit, the deal failed to 
materialize due to Mt. Gox breaching a clause of the contract. 

In addition, the US Department of Homeland Security was investigating claims that a subsidiary of Mt. 
Gox operating in the US was not licensed and was therefore operating as an unregistered money 
transmitter. As a result of this investigation, more than $5 million was seized by the US government from 
the company's bank accounts. 

As a result of the US investigation, Mt. Gox had announced a temporary suspension of withdrawals in 
US dollars. Although this suspension only nominally lasted for one month, many customers were 
experiencing delays of up to 3 months in withdrawing cash from their accounts and few US dollar 
withdrawals were being successfully completed. These delays resulted in Mt. Gox losing its place as the 
largest bitcoin exchange in the world by the end of 2013, falling to third. 

However, as it turned out, these issues were the tip of the iceberg. Underneath the hood, Mt. Gox had 
much bigger problems than it realized. It had been the victim of an ongoing hack for over two years. 

The Mt. Gox hack 

On 7 February 2014, Mt. Gox stopped all bitcoin withdrawals, claiming that it was merely pausing 
withdrawal requests "to obtain a clear technical view of the currency process." After a number of weeks 
of uncertainty, on 24 February 2014, the exchange suspended all trading and the website went offline. 
That same week, a leaked corporate document claimed that hackers had raided the Mt. Gox exchange 
and stolen 744,408 bitcoins belonging to Mt. Gox customers, as well as an additional 100,000 bitcoins 
belonging to the company, resulting in the exchange being declared to be insolvent. On 28 February Mt. 
Gox filed for bankruptcy protection in Japan, and in the US two weeks later. 

Subsequent investigations have shown that the massive hack of Mt. Gox had begun as early as 
September 2011. As a result, Mt. Gox was operating while technically insolvent for almost two years and 
had practically lost all of its bitcoins by mid-2013. Additional evidence has suggested that Mt. Gox was 
already missing up to 80,000 bitcoins from its exchange even before Mark Karpeles purchased the 
exchange in 2011. 

Although it remains an ongoing investigation and the facts remain unclear at this time, it is presumed 
that most of the bitcoins that were stolen from Mt. Gox were taken from its online (or hot) wallets, 
including all of the currency being held in cold storage, due to a "leak" in the hot wallet. An online 
cryptocurrency wallet is a web-based wallet used to store secure digital codes, known as private keys, 
that show ownership of a public digital code, known as a public key, which can be used to access the 
currency addresses; it is this information that is stored in a wallet. Prior to September 2011, the Mt. 
Gox private key was unencrypted and it would appear that it was stolen via a copied wallet.dat file, either 
by hacking or perhaps through an insider. 

Once the file was hacked, the hacker(s) were able to access and siphon bitcoins gradually from the 
wallets associated with Mt. Gox's private keys without the hack being detected. The shared keypool of 
the copied file led to address re-use, which meant that the company appeared to be oblivious to the 
secure addresses. Whenever the wallets emptied, the Mt Gox system's interpretation of the theft as 
deposits resulted in an additional 40,000 extra bitcoins being credited to multiple user accounts. 
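
The failure mode described above (spends made with a copied key going unnoticed, and coins returning to exchange addresses being booked as deposits) is what an input-aware crediting check is meant to catch. The following Python sketch is an added example, not Mt. Gox's code or part of the original post; the addresses, transaction ids, amounts and the list of authorized spends are all constructed for illustration.

```python
from decimal import Decimal

# Constructed sample data: addresses, txids and amounts are illustrative only.
OWN_ADDRESSES = {"own-hot-1", "own-hot-2", "own-deposit-alice"}
AUTHORIZED_TXIDS = {"tx-withdraw-1"}  # spends the exchange's own system created

TXS = [
    # Customer deposit arriving from an outside address.
    {"txid": "tx-deposit-1",
     "inputs": [("ext-alice", Decimal("5"))],
     "outputs": [("own-deposit-alice", Decimal("5"))]},
    # Withdrawal the exchange itself signed; change returns to the hot wallet.
    {"txid": "tx-withdraw-1",
     "inputs": [("own-hot-1", Decimal("10"))],
     "outputs": [("ext-bob", Decimal("3")), ("own-hot-2", Decimal("7"))]},
    # Spend signed elsewhere with a copied key; change lands on a reused address.
    {"txid": "tx-unknown-1",
     "inputs": [("own-hot-2", Decimal("7"))],
     "outputs": [("ext-other", Decimal("6")), ("own-deposit-alice", Decimal("1"))]},
]

def naive_credit(tx):
    """Weak logic: every output to an exchange address counts as a deposit."""
    return sum(a for addr, a in tx["outputs"] if addr in OWN_ADDRESSES)

def classify(tx):
    """Return (label, amount_to_credit) after checking where the inputs came from."""
    spent_own = sum(a for addr, a in tx["inputs"] if addr in OWN_ADDRESSES)
    to_own = sum(a for addr, a in tx["outputs"] if addr in OWN_ADDRESSES)
    if spent_own and tx["txid"] not in AUTHORIZED_TXIDS:
        # Our key signed a spend our withdrawal system never issued.
        return "ALERT_UNAUTHORIZED_SPEND", Decimal("0")
    if spent_own:
        return "withdrawal", Decimal("0")  # outputs back to us are change
    if to_own:
        return "deposit", to_own
    return "unrelated", Decimal("0")

def audit(txs):
    """Compare naive crediting with input-aware crediting and collect alerts."""
    results = [(t["txid"],) + classify(t) for t in txs]
    return {
        "naive_credit": sum(naive_credit(t) for t in txs),
        "checked_credit": sum(r[2] for r in results),
        "alerts": [r[0] for r in results if r[1].startswith("ALERT")],
    }

if __name__ == "__main__":
    print(audit(TXS))
```

On the constructed data the naive logic credits 13 BTC while only 5 BTC was actually deposited, and the unauthorized spend is flagged instead of being silently absorbed.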

The Aftermath 

In March 2014, Mt. Gox reported on its website that it had found 200,000 bitcoins in old-format digital 
wallets that had been used by the exchange prior to June 2011. These bitcoins remain held on trust for 
creditors while the company remains under bankruptcy protection. 

Mark Karpeles was arrested in Japan in August 2015 and charged with fraud and embezzlement, 
although none of these charges directly relate to the theft. He was imprisoned until July 2016, when he 
was released on bail. He has pleaded not guilty to the charges and his trial is ongoing. 

Mt. Gox remains under bankruptcy protection, with the case still being under investigation. In addition, 
the litigation with CoinLab remains outstanding and distribution to creditors cannot occur until that 
lawsuit is settled. 

Where did the money go? 

650,000 bitcoins remain unaccounted for as a result of the Mt. Gox hack. A number of online theories 
have been developed as to where the missing coins are. Some have suggested that Mt. Gox never had 
the amount of coins that it claimed, and that Karpeles had manipulated the numbers to make it appear 
that Mt. Gox held more bitcoin than it in fact held. 

In respect of how the hacker was able to access the bitcoins that Mt. Gox held in cold storage, the 
theories range from suggestions that the storage may have been compromised by an individual with 
on-site access to suggestions that the cold storage coins were gradually deposited into the Mt. Gox 
exchange system when a hot wallet ran low, and that a lack of accountability among staff simply meant 
that there was no awareness that the wallets were being drained by hackers. 

In July 2017, a Russian national named Alexander Vinnik was arrested by US authorities in Greece and 
charged with playing a key role in the laundering of bitcoins stolen from Mt. Gox. In addition, Vinnik 
was charged by Greek authorities with the laundering of approximately $4 billion in bitcoin. Vinnik is alleged 
to be associated with BTC-e, a well-established bitcoin exchange, which was raided by the FBI as part of 
the investigation. The BTC-e site has been shut down and the domain has been seized by the FBI, the 
first time the US government has seized a foreign exchange on foreign soil. Investigations by Wizsec, a 
group of bitcoin security specialists, had identified Vinnik as the owner of the wallets into which the 
stolen bitcoins had been transferred, many of which were sold on BTC-e. 



With the trial of Mark Karpeles ongoing in Japan and the indictment against Vinnik, it would appear that 
the separate strands of the investigation into the Mt. Gox hack are finally coming together. Whether any 
that we will have at least some clarity into the Mt. Gox hack in the near future. 

Could it happen again? 

The short answer is that it could. There are many bitcoin exchanges operating at present, some of which 
are more reputable than others. Popular exchanges such as Coinbase are relatively transparent about 
their operations, as well as offering insured deposits, and are backed by reputable venture capitalists. 
However, they are also going to be the targets of the best hackers, who will be only too happy to exploit 
any security gaps. 

In addition, there are many smaller exchanges currently trading that aren't as clear about how they 
operate. That does not mean that such exchanges are operating a hack or are disreputable in any way. But 
when it comes to cryptocurrency trading, it is recommended that you use the more reputable exchanges, 
if only for your own peace of mind, unless you have the means to absolutely guarantee the legitimacy of 
any smaller exchange that you are dealing with. 

And if the above isn't enough to scare you, my one last word of advice would be to make sure that you 
don't store your bitcoins on any exchange. See our post on cryptocurrency wallets for more details on 
how to store your bitcoins. 